Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/b4f584-f256-4cab-adbb-c4620fab1f19/1/U3ct6oF7TF3ha1MNQwRfXaIdqcw.roa
File: U3ct6oF7TF3ha1MNQwRfXaIdqcw.roa (raw, json)
Hash identifier: YaIfk7zkxFbdBqcIxVietWzM6y/nA6wbT6U/Bit3dBI=
Subject key identifier: 53:77:2D:EA:81:7B:4C:5D:E1:6B:53:0D:43:04:5F:5D:A2:1D:A9:CC
Certificate issuer: /CN=6bd0c5b3fa6c288860ccb6d90200cbb8e57db7f7
Certificate serial: 018B967C635C4F8FF53381934ACE696A6775
Authority key identifier: 6B:D0:C5:B3:FA:6C:28:88:60:CC:B6:D9:02:00:CB:B8:E5:7D:B7:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a9DFs_psKIhgzLbZAgDLuOV9t_c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/b4f584-f256-4cab-adbb-c4620fab1f19/1/U3ct6oF7TF3ha1MNQwRfXaIdqcw.roa
Signing time: Fri 03 Nov 2023 18:40:16 +0000
ROA not before: Fri 03 Nov 2023 18:40:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.150.7.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:96:7c:63:5c:4f:8f:f5:33:81:93:4a:ce:69:6a:67:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bd0c5b3fa6c288860ccb6d90200cbb8e57db7f7
Validity
Not Before: Nov 3 18:40:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53772dea817b4c5de16b530d43045f5da21da9cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3f:59:1e:17:5d:49:7e:66:0d:94:b2:80:3a:
b6:ef:68:55:77:e2:c1:a6:96:75:ea:c3:61:76:5b:
b0:68:a2:e3:a7:71:b6:b4:b0:a4:c8:b1:61:a3:c4:
f2:98:9f:45:82:65:2b:63:48:f3:e2:cb:0e:6a:40:
f9:8c:20:f3:03:6f:d9:62:d1:cf:e5:fa:d1:cc:21:
51:87:9f:a0:14:e5:21:99:4a:f4:84:c0:e1:6e:88:
9f:9c:8e:8e:69:2c:34:81:0e:88:5f:f7:f5:09:cf:
57:99:1e:ca:56:1b:69:f6:3f:c9:14:8d:9e:61:50:
76:b3:a7:f1:30:b1:bb:59:b6:a1:24:b0:67:46:c7:
65:ff:2b:71:7b:f5:7d:cd:02:ac:0a:76:65:23:a6:
7a:34:1c:a1:5c:01:b9:c9:aa:80:12:4d:bc:a2:3b:
8d:4b:37:0e:74:f6:4a:3b:64:ff:a0:ae:bb:58:cb:
3a:35:13:33:69:32:3f:e3:93:7d:65:35:eb:d4:ae:
b5:f9:b0:3b:94:57:8f:ec:da:23:ba:61:63:61:ec:
c2:0d:7c:cd:6a:88:07:48:87:28:1d:f1:a3:8a:ef:
b7:15:a8:22:fd:5f:cc:3d:26:9a:99:42:13:52:69:
6b:8d:27:2e:e8:95:d9:3f:ce:4b:11:44:79:af:07:
0d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:77:2D:EA:81:7B:4C:5D:E1:6B:53:0D:43:04:5F:5D:A2:1D:A9:CC
X509v3 Authority Key Identifier:
keyid:6B:D0:C5:B3:FA:6C:28:88:60:CC:B6:D9:02:00:CB:B8:E5:7D:B7:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9DFs_psKIhgzLbZAgDLuOV9t_c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/b4f584-f256-4cab-adbb-c4620fab1f19/1/U3ct6oF7TF3ha1MNQwRfXaIdqcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/b4f584-f256-4cab-adbb-c4620fab1f19/1/a9DFs_psKIhgzLbZAgDLuOV9t_c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.7.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:db:d6:98:67:ac:7d:03:00:f2:86:6d:20:dc:3e:08:5a:1a:
04:db:e3:a0:8f:b8:87:00:ac:fd:e1:cc:9c:ae:41:5a:1c:59:
a3:a5:c5:a4:09:e7:a8:7c:07:f6:b8:49:e8:e5:e6:ae:1d:5c:
cb:67:09:79:c3:b7:3c:55:ee:99:f5:ea:e1:e2:06:31:ec:3f:
b0:a0:c6:66:23:dc:33:e4:8a:ba:12:64:c2:11:bd:d2:dc:6d:
22:47:c3:a8:b4:cd:8b:63:34:9f:64:48:4d:6c:6f:37:03:f9:
7f:83:c2:00:b1:be:56:4e:74:e2:38:ba:7e:cd:df:06:a3:1c:
95:93:70:a7:a0:19:68:51:31:54:56:40:c0:ec:11:57:4d:ef:
0d:62:39:97:1d:fe:53:0b:39:f0:6b:08:5f:c4:8f:c3:a7:24:
b8:c2:2f:9c:22:b7:e4:87:8f:72:a7:ad:06:4a:3c:ba:40:bf:
68:1e:a0:e4:e8:63:34:6f:a1:10:61:5e:0a:17:bb:32:37:e9:
d8:85:fd:b6:55:f7:c0:0f:09:cb:bc:6d:52:7f:97:de:47:0c:
16:5a:08:2b:74:8a:63:17:35:ba:50:82:a5:d0:19:2c:78:76:
26:2d:c8:6b:cb:28:1e:cf:b3:9f:a2:09:17:91:23:f4:30:b3:
36:dc:a1:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuWfGNcT4/1M4GTSs5pamd1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiZDBjNWIzZmE2YzI4ODg2MGNjYjZkOTAyMDBjYmI4ZTU3
ZGI3ZjcwHhcNMjMxMTAzMTg0MDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mzc3MmRlYTgxN2I0YzVkZTE2YjUzMGQ0MzA0NWY1ZGEyMWRhOWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArT9ZHhddSX5mDZSygDq272hVd+LB
ppZ16sNhdluwaKLjp3G2tLCkyLFho8TymJ9FgmUrY0jz4ssOakD5jCDzA2/ZYtHP
5frRzCFRh5+gFOUhmUr0hMDhboifnI6OaSw0gQ6IX/f1Cc9XmR7KVhtp9j/JFI2e
YVB2s6fxMLG7WbahJLBnRsdl/ytxe/V9zQKsCnZlI6Z6NByhXAG5yaqAEk28ojuN
SzcOdPZKO2T/oK67WMs6NRMzaTI/45N9ZTXr1K61+bA7lFeP7NojumFjYezCDXzN
aogHSIcoHfGjiu+3Fagi/V/MPSaamUITUmlrjScu6JXZP85LEUR5rwcNIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFN3LeqBe0xd4WtTDUMEX12iHanMMB8GA1UdIwQY
MBaAFGvQxbP6bCiIYMy22QIAy7jlfbf3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTlERnNfcHNLSWhnekxiWkFnREx1T1Y5dF9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9iNGY1ODQtZjI1Ni00Y2FiLWFkYmIt
YzQ2MjBmYWIxZjE5LzEvVTNjdDZvRjdURjNoYTFNTlF3UmZYYUlkcWN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9iNGY1ODQtZjI1Ni00Y2FiLWFkYmItYzQ2MjBmYWIxZjE5
LzEvYTlERnNfcHNLSWhnekxiWkFnREx1T1Y5dF9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZYHMA0G
CSqGSIb3DQEBCwUAA4IBAQB929aYZ6x9AwDyhm0g3D4IWhoE2+Ogj7iHAKz94cyc
rkFaHFmjpcWkCeeofAf2uEno5eauHVzLZwl5w7c8Ve6Z9erh4gYx7D+woMZmI9wz
5Iq6EmTCEb3S3G0iR8OotM2LYzSfZEhNbG83A/l/g8IAsb5WTnTiOLp+zd8GoxyV
k3CnoBloUTFUVkDA7BFXTe8NYjmXHf5TCznwawhfxI/DpyS4wi+cIrfkh49yp60G
Sjy6QL9oHqDk6GM0b6EQYV4KF7syN+nYhf22VffADwnLvG1Sf5feRwwWWggrdIpj
FzW6UIKl0BkseHYmLchryygez7OfogkXkSP0MLM23KFX
-----END CERTIFICATE-----
Generated at Wed Mar 12 12:38:24 2025 by rpki-client